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REMARKS 
35 U.S.C. § 103. Claim Rejections. 

3-18. Claims 1-4, 7-15, 18-26, and 29-46 are rejected under 35 U.S.C. §103(a) 
5 as being unpatentable over Bhat et al. (U.S. Pub. No. 20050240763)(hereinafter 
Bhat) in view of Bhatnagar et al. (U. S. Pub. No. 2005002 1964)(hereinafter 
Bhat2). 

Applicant disagrees that Claims 1,11 and 23 are unpatentable over Bhat in view 
10 ofBhat2. 

Regarding Claim 1, the Office Action states that "Bhat discloses a system, 
comprising: 

at least one first identity comprising any of a user, user agent and a 
15 principal (Bhat: [0063]-[0064]: user ID and password); 

an authentication agency (Bhat: [0065]: authentication service module); 
means for sending a login request from the first identity to the 
authentication agency (Bhat: [0063]-[0064]; 

means for receiving an assertion at the first entity from the authentication 
20 agency in response to the log in request (Bhat [0066]: receive the login token); 

means for authenticating the first entity at a participant with the received 
assertion (Bhat: [0050]; the URL access service); 

means for sending a request for service on behalf of the first identity from 
a second identity comprising any of the participant and a service consumer 
25 associated with the participant to any of the authentication agency and a 
discovery service associated with the authentication agency, using the assertion 
(Bhat: [0031]: the URL access service determines access is authorized). 

The Office Action concedes that "Bhat does not explicitly disclose means for 
30 sending and authorization from the authentication agency to the second entity for 
the requested service in response to the sent request if the first entity is enabled 
for the requested service." 
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However, the Office Action also states that "Bhat2 discloses a client receives a 
authentication assertion reference from an issuing party and the relying party 
later uses the assertion reference to obtain authorization from the issuing party 
5 (Bhat2: [001 5]-[001 7] and claim 2). 

Applicant submits that the earliest effective priority date of Bhatnagar et al. (U. S. 
Pub. No. 20050021 964)(Bhat2) is July 25, 2003. 

10 Applicant has filed a Declaration of Prior Invention Pursuant to 37 CFR 1.131, to 
overcome Bhatnagar et al. (U. S. Pub. No. 20050021964), in which the 
conception of the Claims 1, 11, 23 and 33, as presently presented, occurred 
prior to the earliest effective priority date of Bhat2, and was coupled with due 
diligence from prior to said reference date to the filing of the present application. 

15 

Applicant therefore submits that a rejection of Claims 1-4, 7-15, 18-26, and 29- 
46 under 35 U.S.C. §1 03(a) as being unpatentable over Bhat et al. (U.S. Pub. 
No. 20050240763) in view of Bhatnagar et al. (U. S. Pub. No. 20050021964) is 
improper. 

20 

20-23. Claims 5, 6, 16, 17, 27 and 28 are rejected under 35 U.S.C. §103 (a) as 
being unpatentable over Bhat in view of Bhat2 and further in view of Rozmus et 
al. (U. S. Pub. No. 20040267870)(hereinafter Rozmus). 

25 

As discussed above, the earliest effective priority date of Bhatnagar et al. (U. S. 
Pub. No. 20050021 964)(Bhat2) is July 25, 2003. As well, the earliest effective 
priority date of Rozmus et al. (U. S. Pub. No. 20040267870)(Rozmus) is June 
26, 2003. 

30 

Applicant has filed a Declaration of Prior Invention Pursuant to 37 CFR 1.131, to 
overcome Bhatnagar et al. (U. S. Pub. No. 2005002 1964)(Bhat2) and Rozmus et 
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al. (U. S. Pub. No. 20040267870)(Rozmus), in which the conception of the 
Claims 1, 11, 23 and 33, as presently presented, occurred prior to the earliest 
effective priority dates of both Bhat2 and Rozmus, and was coupled with due 
diligence from prior to said reference date to the filing of the present application. 

5 

Applicant therefore submits that a rejection of Claims 1,11 and 23 under 35 
U.S.C. §1 03(a) as being unpatentable over Bhat in view of Bhat2 and further in 
view of Rozmus et al. (U. S. Pub. No. 20040267870) is improper. 

10 

CONCLUSION 

Applicant respectfully submits that Claims 1 1, 11, 23 and 33, as previously 
presented, and dependent claims 2-10, 12-22 and 24-32, and 34-46 overcome 
15 the rejections set forth in the Office Action. Applicant also submits that response 
does not introduce new matter into the Application. Based on the foregoing, 
Applicant considers the invention to be in condition for allowance. Applicant 
earnestly solicits the Examiner's withdrawal of the rejections set forth in the prior 
Office Action, such that a Notice of Allowance is forwarded to Applicant, and the 
20 present application is therefore allowed to issue as a United States Patent. 

Respectfully Submitted, 




25 Michael A. Glenn 

Reg. No. 30,176 



Customer No. 22862 
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Status of the Claims 

1. (Previously Presented) A system, comprising: 

at least one first entity comprising any of a user, a user agent and a 
5 principal; 

an authentication agency; 

means for sending a login request from the first entity to the authentication 
agency; 

means for receiving an assertion at the first entity from the authentication 
10 agency in response to the log in request; 

means for authenticating the first entity at a participant with the received 
assertion; 

means for sending a request for service on behalf of the first entity from a 
second entity comprising any of the participant and a service consumer 
15 associated with the participant to any of the authentication agency and a 
discovery service associated with the authentication agency, using the assertion; 
and 

means for an sending an authorization from the authentication agency to 
the second entity for the requested service in response to the sent request if the 
20 first entity is enabled for the requested service. 

2. (Previously Presented) The system of Claim 1, further comprising: 

at least one identity associated with the first entity, and user information 
associated with at least one of the identities; and 
25 at least one core service associated with the system and related to at least 

a portion of the user information. 

3. (Previously Presented) The system of Claim 2, wherein the core service is 
accessible by the first entity. 

30 

4. (Previously Presented) The system of Claim 2, wherein the core service is 
accessible by the participant. 
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5. (Previously Presented) The system, of Claim 2, wherein the core service is 
associated with one or more core service providers. 

5 6. (Previously Presented) The system of Claim 2, wherein the core service 
comprises any of an authentication service, a profile service, an alert service, a 
calendar service, an address book service and a wallet service. 

7. (Previously Presented) The system of Claim 1, wherein the authentication 
10 agency further comprises means for translating namespaces, such that a user 

identity of the first entity in a first namespace is translatable to a user identity in a 
second namespace. 

8. (Previously Presented) The system of Claim 7, wherein the user identity in 
15 the second namespace is encrypted. 

9. (Previously Presented) The system of Claim 7, wherein the user identity in 
the second namespace is time-bound. 

20 10. (Previously Presented) The system of Claim 1, wherein a user identity is 
associated with the first entity, and wherein the system further comprises: 

at least one core authentication record associated with the user identity, 
comprising any of services and links associated with the user identity. 

25 11. (Previously Presented) An system, comprising: 

an authentication agency for authenticating at least one first entity 
comprising any of a user, a user agent and a principal, and for sending 
assertions to the first entities; and 

at least one second entity comprising 
30 means for receiving the assertions from the first entities, 

means for authenticating the first entities at the second entity with 
the received assertions, 
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means for sending requests for service on behalf of the first entities 
to any of the authentication agency and a discovery service associated 
with the authentication agency, using the received authentication 
information from said first entities, 
5 means for receiving authorizations sent from the authentication 

agency in response to the sent requests if the first entities are enabled for 
the requested services; and 

means for invoking the requested authorized services with the 
received authorizations. 

10 

12. (Previously Presented) The system of Claim 1 1 , further comprising: 

a discovery module associated with the authentication agency and 
adapted to receive a user identifier associated with the first entity and a service 
name known to the system. 

15 

13. (Previously Presented) The system of Claim 1 1 , further comprising: 

at least one core service associated with the system and related to the first 

entity. 

20 14. (Previously Presented) The system of Claim 13, wherein the core service is 
accessible by the first entity. 

15. (Previously Presented) The system of Claim 13, wherein the core service is 
accessible by the second entity. 

25 

16. (Previously Presented) The system of Claim 13, wherein the core service is 
associated with one or more core service providers. 

17. (Previously Presented) The system of Claim 13, wherein the core service 
30 comprises any of an authentication service, a profile service, an alert service, a 

calendar service, an address book service and a wallet service. 
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18. (Previously Presented) The system of Claim 11, wherein the authentication 
agency further comprises means for translating namespaces, such that a user 
identity of a first entity in a first namespace is translatable to a user identity in a 
second namespace. 

5 

19. (Previously Presented) The system of Claim 18, wherein the user identity in 
the second namespace is encrypted. 

20. (Previously Presented) The system of Claim 18, wherein the user identity in 
1 0 the second namespace is time-bound. 

21. (Previously Presented) The system of Claim 11, wherein an identity is 
associated with the first entity, and wherein the system further comprises: 

at least one core authentication record associated with the identity, 
15 comprising any of services and links associated with the identity. 

22. (Previously Presented) The system of Claim 11, wherein the first entity is 
located at a device linked to the system. 

20 23. (Previously Presented) A process, comprising the steps of: 

sending a login request from a first entity to an authentication agency, the 
first entity comprising any of a user, a user agent and a principal; 

receiving an assertion at the first entity from the authentication agency in 
response to the log in request; 
25 authenticating at . a participant through the first entity with the received 

assertion; 

sending a request for a service on behalf of the first entity from a second 
entity comprising any of the participant and a service consumer associated with 
the participant to any of the authentication agency and a discovery service 
30 associated with the authentication agency, using the assertion; and 
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sending an authorization from the authentication agency to the second 
entity for the requested service in response to the sent request if the principal is 
enabled for the requested service. 

5 24. (Previously Presented) The process of Claim 23, further comprising the step 
of: 

establishing at least one core service associated with the system and 
related to the first entity. 

1 0 25. (Previously Presented) The process of Claim 24, wherein the core service is 
accessible by the first entity. 

26. (Previously Presented) The process of Claim 24, wherein the core service is 
accessible by the participant. 

15 

27. (Original) The process of Claim 24, wherein the core service is associated 
with one or more core service providers. 

28. (Previously Presented) The process of Claim 23, wherein the core service 
20 comprises any of an authentication service, a profile service, an alert service, a 

calendar service, an address book service and a wallet service. 

29. (Previously Presented) The process of Claim 23, further comprising the step 

of: 

25 translating namespaces, such that a user identity of a first entity in a first 

namespace is translated to a user identity in a second namespace. 

30. (Original) The process of Claim 29, further comprising the step of: 

encrypting the user identity in the second namespace. 

30 

31. (Original) The process of Claim 29, wherein the user identity in the second 
namespace is time-bound. 
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32. (Previously Presented) The process of Claim 23, further comprising the 
steps of: 

establishing at least one identity associated with the first entity; and 
5 associating at least one core authentication record with the established 

identity, comprising any of services and links associated with the established 
identity. 

33. (Previously Presented) A process, comprising the steps of: 
10 providing an authentication agency networked to a service; 

establishing an identity at the authentication agency for a first entity 
comprising any of a user, a user agent and a principal; 

sending authentication information from the authentication agency to the 
first entity; 

15 authenticating the first entity at a participant with the authentication 

information; 

sending a request for a service on behalf of the principal from a second 
entity comprising any of the participant and a service consumer associated with 
the participant to any of the authentication agency and a discovery service 
20 associated with the authentication agency; 

sending an authorization from the authentication agency to the second 
entity to access the service on behalf of the first entity if the first entity is enabled 
for the service by the authentication agency; and 

establishing a link between the second entity and the service, based upon 
25 the authorization. 

34. (Previously Presented) The process of Claim 33, wherein the second entity 
comprises any of a network site, a service provider and a store. 

30 35. (Previously Presented) The process of Claim 33, wherein the authorization 
comprises a service descriptor and a service assertion, wherein the service 
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descriptor comprises means for locating the requested service and wherein the 
service assertion comprises a credential to establish the link. 

36. (Previously Presented) The system of Claim 1, further comprising: 

5 means for invoking the requested service through the second entity using 

the authorization. 

37. (Previously Presented) The system of Claim 1, wherein the participant 
comprises any of a network site, a service provider and a store. 

10 

38. (Previously Presented) The system of Claim 1 , wherein the request for 
service comprises a service descriptor and a service assertion, wherein the 
service descriptor comprises means for locating the requested service, and 
wherein the service assertion comprises a credential to access the requested 

15 service. 

39. (Previously Presented) The system of Claim 1, wherein at least one identity 
is associated with the first entity, comprising any of a personal identity, a 
business identity and an anonymous identity. 

20 

40. (Previously Presented) The system of Claim 1 1 , wherein the second entity 
comprises any of a network site, a service provider and a store. 

41. (Previously Presented) The system of Claim 11, wherein the authorizations 
25 comprise a service descriptor and a service assertion, wherein the service 

descriptor comprises means for locating the requested service, and wherein the 
service assertion comprises a credential to access the requested service. 

42. (Previously Presented) The system of Claim 11, wherein at least one 
30 identity is associated with the first entity, comprising any of a personal identity, a 

business identity and an anonymous identity. 
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43. (Previously Presented) The process of Claim 23, further comprising the step 
of: 

invoking the requested service through the second entity using the 
authorization. 

44. (Previously Presented) The process of Claim 23, wherein the participant 
comprises any of a network.site, a service provider and a store. 

45. (Previously Presented) The process of Claim 23, wherein the authorization 
comprises a service descriptor and a service assertion,, wherein the service 
descriptor comprises means for locating the requested service and wherein the 
service assertion comprises a credential to invoke the requested service. 

46. (Previously Presented) The process of Claim 23, wherein at least one 
identity is associated with the first entity, comprising any of a personal identity, a 
business identity and an anonymous identity. 
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